Christopher Todd Sanders (Enterprise Solutions Architect)

Executive Summary:
● To lead a company to the forefront of technology by using cutting edge equipment such as HPC, Cloud
computing, Virtualization, Security and datacenter design. In addition, my aspirations are to architect,
implement and lead large scale environments in areas of Cloud, Cybersecurity, Storage, Networking and
Application Integration using tools from an assortment of business endeavors. The goal is to provide guidance to
organizations who exhibit strong management resilience and a willingness to embrace emerging technologies.
● With a proven track record of being a champion in the world of enterprise computing, I have been involved in
high level projects ranging from enterprise cloud computing, network security, datacenter migration,
telecommunications design and infrastructure maintenance. Perseverance, meticulous resolution, critical-
thinking and problem-solving are only a few exhibited traits needed during employment and contract tenure.

Work Experience:
ITOTS Networks, LLC (Clients: Microsoft, HPE, BTWalls, & Government Clients)
Enterprise Cloud/Solutions Architect/Engineer (Cloud Solutions Consultant)
Online/Remote Project – IBM, Microsoft, Akamai/Linode and GCP Cloud Migration Jun. 2022 - Present
● Developed cybersecurity proposal for the City of Houston, TX, the process involved Continuous Monitoring, 20x
System Review, Staff Augmentation, and PCI-DSS analysis. Worked with companies like Qmulos to address the
cybersecurity needs of the organization by implementing a compliance strategy and workflo w using Q-
Compliance (QC). QC allowed the group to
run security scans against running systems
while at the same time providing NIST 800-
53 Rev. 4|5, 800-171 and other cyber
frameworks. Ran Wazuh scans against
specific systems in a Q/A and Pre-Prod
environments, this ensures the control
validation process went smoothly. Finally,
from the assessment, we were able to
create SSPs/POA&Ms using the QC
application (underlying engine was
Splunk). And finally, wrote code using
Python, Ansible, Perl and PowerShell
(WRM connection for Windows Systems) to interrogate the system using SSH (keys were supplied using a
Python/Ansible process, the menu allows interactive communication from on-premise to cloud environment).
This allowed for seamless access to address system controls (UFW firewall, Kernel updates, SELinux
port/filesystem/domain) recommended by NIST, GDPR, PCI, SCA and other cybersecurity organizations. The
solution also addressed cloud security concerns and mechanisms used by AWS, Azure, GCP, IBM and Oracle
Platforms (data encryption, Keyvaults/KMS, Networking, Organizational groups, WAF, CDN, AD IAMs, NSG/SG,
Container security, K8s monitoring, and security agent deployment. Deployed continuous monitoring security
tools to specific Google (GCP) servers, updated onboard UFW firewalls using Python and Ansible to secure
external threats from specific nation states (Russia, China, North Korea, etc.) while deploying applications using
docker-compose and Ansible.
● Wrote code using Python 3.X and Ansible to deploy applications to onsite and cloud environments, needed to
resolve issue with configuring and updating servers using Web-gui (ex. cockpit); however, the customer wanted
a way to login to the servers GUI (Graphical Interface), devised a way to install a ssh key using ansible, then
deployed application from the web to the server over a secure SSH session, we are now able to update security

ITOTS Networks, LLC ● 110 Wenonah Way, Durham, NC 27713 ● tsanders@[Link] ● 240-997-0016 ● P. 1
 controls, applications, ACLs (UFW, Firewalld) and monitoring package from an assortment of companies
(Extrahop, Threat, Automox, Fortinet, VMWare, Microsoft, Splunk, Threatlocker, N -Able cyber tools).
● Developed cloud solutions for a construction company located in Atlanta, GA (Behind the Walls). Attended
numerous meetings to evaluate their building and rehabilitation process. Worked with various vendors and
members of their construction team to develop technical solutions where the user sent user data to the cloud,
the system measured the distance from walls to provide accurate measurements of the building using a laser
depth and width measurement process, the process allowed the user to gather the building dimensions.
● Developed Azure Virtual Desktop environment using Hostpools, Workspaces and Application Groups (Hostpools
allow RDP sessions and Virtual Desktops to interact with the cloud, Workspaces interface with Application
Groups allowing users to deploy applications from Hostpool MSIX setup, Application Groups are associated with
VDIs (preferably Windows 10 or 11). Allowed
users to identify user permissions (usually
configured using IAM, this allows the user to
associate “Virtual Machine User Login and
Virtual Machine Admin Login” giving the user
desktop access) where applications can be
uploaded using MSIX application formats
(virtual machines need to be configured first
in order for this MSIX deployment process to
take place or the process will fail).
● Configured Terraform AWS and Azure
process to create “Providers, VPCs, Subnets,
Load-Balancers, Organizations, Security
Groups, and Containers'' and assortment of
resources using Terraform
“Maps(Strings|Lists|Any), CidrSubnets,
variables, element, for_each, locals, count
and format” statements to create resources in CSP environments ranging from AWS, GCP and Azure. Identified
elements where the lists using “any'' found in a variable statement increased the processing speed of the
resource deployment process. In addition, created the same statements using Bash-Shell and Ansible as an
alternative way to create the necessary resources if the CI/CD process errored out or failed for any reason.
Python and Ansible was used as an alternative way to create menu applications for resource deployment,
cybersecurity compliance, architectural design scenarios and application deployment (ex. from off to on -premise
(VMware) environments to Hyperscalers - GCP, AWS, IBM, and Azure cloud environments).
● Configured N-Able Insight RMM to perform cloud analytics and onsite backups; in addition, developed a Python,
Ansible, and PowerShell deployment process using N-Able’s BashShell during the agent deployment process
(deployed a service called “rmmagent” for Linux) that allowed users to monitor cpu, filesystem, disk-io, and
assortment of other metrics of the various servers identified in the cloud and on premise.
● Provided secure solutions at the site using cameras (infrared and motion sensing) where the executive and
administrative staff could identify workers and users that entered and left the property, this information has
been uploaded to a blob storage environment that is connected to a Databricks environment. The system is
elastic allowing larger amounts of processing to take place when resource locations increase. Created Azure K8s
environment using Terraform MS Visual Code, connected to ADO and uploaded the [Link], [Link],
[Link], and [Link] files to ADO. Ran the pipelines in ADO to create the environment (Resource Groups,
vNets/Subnets, Load-Balancers, VMSS, vWAN, Kubernetes Nodes/PODS and AAD/IAM policies). Connected the
Kubernetes environment to AAD, along with enabling a number of extensions in the Azure Portal. Brought team
members up to speed in order to monitor a cloud virtualized environment using Helm charts to deploy the code
to the various nodes, the data was processed on site while the output was sent to a cloud environment. After
deployment, we ran Ansible to update security controls on the various nodes on-premise as well as the Azure
environment.

ITOTS Networks, LLC ● 110 Wenonah Way, Durham, NC 27713 ● tsanders@[Link] ● 240-997-0016 ● P. 2
● Created VPC environments (private and public network design) using Terraform as a way to deploy and build
code (Infrastructure-as-Code) for users to consume. Created [Link], [Link], [Link] and [Link] files for
resource deployment from vWAN, VPN and not limited to load-balancers. Uploaded code to Azure DevOps to
test code to ensure its resource creation capability ran without error.
● Implemented DevOps security solutions using Ansible, Python, Bash-Shell, GCP-CLI, AWS-CLI and Azure-CLI to
address the cybersecurity short-comings of the applications, updated the Ansible code to add applications and
mitigate their security concerns. Created a menu driven (data dictionary) security solution to address the needs
of the organization from application deployment to NIST 800-53 Rev 4/5, NIST 800-37, NIST 800-171 (Risk
Management Framework (created the solution using Python, PowerShell, Azure Cli (AzCli), Ansible, YAML and
Terraform).
● Wrote SeLinux security solutions using “Ansible-Playbook [Link] -b -i <server>,” to secure home
directories, web directories and specific ports (ex. 2222) to be used or allowed by the system even after a
reboot. Semanage ports and semanage fecontext to secure filesystems, applications and ports identified by our
continuous monitoring system. In addition, used “Cockpit” on Redhat based systems to identify SeLinux items
that were being blocked by the system, this process worked in concert with the UFW ( Uncomplicated Firewall)
using the ‘ufw insert <no> allow in proto tcp from <src> to <dst> port <portno> comment “Enable Specific
ports”’ - recommended security controls from NIST 800-53 Rev. 5 to utilize UFW to block specific access using
IPtables firewall rules (Enterprise Deployment can be implemented using ansible -playbooks and Python import
modules).
● Employed numerous tools from the private
sector and open-source community to address
their Kubernetes, Security, and Cloud solutions
using various Cloud Service Providers (CSP) as a
way to replicate data from database/api
applications, we were able to create a single
“Source of Truth” where information is
protected using a multitude of tools from
Crowdstrike (Continuous Monitoring), Macrium
(Backup/Recovery), Palo-Alto XDR and Cortex
(SOAR), Azure Sentinel, Azure Defender, AWS
Organizational Groups, AWS/Azure Active
Directory, Wazuh, Qmulos/Splunk and an
assortment of other tools.
● Employed Machine Learning (ML) at the edge and core of the network by deploying helm chart agents to the
virtual machine on each of the cloud provider resources, the information was sent back to a central repository
where statistics and online charts were displayed, we segmented the resources using object containers where
we could easily select the drop-down to identify the location, floor and room (tags are used to help identify the
resource from the cloud and ML standpoint).
● Created an Azure VDI environment using Azure AZCli and BashShell scripting (used AzCli as the backend
processing language and BashShell as the front-end, development using Python (import subprocess and os) to
provide the menu capability using the “Try|While|Except '' to process errors, improved the process from the
existing statements to improve processing capability and faster error identification and correction during the
variable “input” process. BashShell coding was written using “function” and “read” statements (“read -p” - user
input and “read -s - used for secure password entries), this process allowed the user to ask questions and obtain
responses, secondly, created a menu driven selection [1-9] to allow the user to make choices Python or
BashShell, finally, created case statements where the selection retrieved the function statements that allowed
the creation of hostpools, workspaces, application ids, and registration keys. The exercise allowed the users to
create virtual desktop environments using the tools from Azure, BashShell (while, for loops, arrays, read,
input/output statements). Also, incorporated Python programming to address some of the security issues
identified from the Wazuh application (the application identified the security controls that were not in place,

ITOTS Networks, LLC ● 110 Wenonah Way, Durham, NC 27713 ● tsanders@[Link] ● 240-997-0016 ● P. 3
 addressed numerous concerns relating to kernel, container, networking, virtualization, system controls,
application deployment, config file updates, etc.).

DataGlove/Persistent, Inc
Enterprise Cloud/Solutions Architect/Engineer (Microsoft Cloud Solutions Consultant)
Online/Remote Project work for the Microsoft Corporation Oct. 2020 – Aug.. 2022
● Worked with Microsoft and Microsoft clients to address their Kubernetes, Security, Cloud solutions using Azure
as a way to migrate hundreds of applications to the cloud. Wrote code in Terraform using modules and
[Link], [Link] and [Link] files. The code was uploaded to Azure DevOps (ADO) using Microsoft Visual
Studio Code, the same process applied to different projects. Also, implemented security aspects of the
environment using AAD, IAM Policies, MS Defender, Insights, KeyVault, and Encryption tools. Found a way to
automate an assortment of tools using Python, BashShell, Terraform, PowerShell and Ansible to create a menu
drive deployment process using Python as the front-end, Ansible as the remote deployment language (this
worked with VMSS, Kubernetes, YAML, Applications, and security controls).
● Worked on the AT&T project to migrate 1500 applications to the Azure cloud. Worked with development teams
to address their migration process using Azure DevOps (ADO). We implemented CI/CD pipelines using ADO as
the code repository base, the code was uploaded using MS Visual Studio. Attended nu merous meetings
throughout the day to address customer issues (we provided Tier III support) to the various AT&T members
during their migration process.
● Lead the Microsoft Kyndryl/IBM project to offer and provide guidance to the support team members and ran
training sessions to the members. Included members from the Microsoft/RedHat OpenShift platform where we
educated the various team members of how-to properly integrate, deploy and configure OpenShift solutions
along with providing security solutions to the customer (MS Cloud Defender, Sentinel, Qualys, and any security
recommendations) to various cloud service providers. The solution gave the organization the ability to create
virtual machines, load-balancers, virtual storage (Blob Storage), network security groups (NSGs), AzCli and
Terraform coding solutions were provided to Kyndryl personnel.
● Addressed the CGI project to address working team members on how to implement an Azure Onsite Platform.
The platform was retrofitted at the customer’s site, we had to plan and configure the IP addressing schemes,
deploy storage environments and create virtual machines (Virtual Clustering solutions) that utilized load -
balancers, NSGs and other components. Resolve a number of issues the customer faced using Terraform and
AzCli solutions. We also provided the customer with customized code from Hashicorp Terraform to create large
scale environments for the customer to review and deploy during their rollout phas e.

Wipro/VFC/Kontoor Project
Microsoft Azure Enterprise Cloud Solutions Architect
VFC/Kontoor location in Greensboro, NC Oct. 2019 – Oct. 2020
● Developed a cloud initiative with their existing environment. Attended numerous meetings with the client to
address their retail market, provided insight as to implementing resources in their Azure cloud. An example of
such design can be found on [Link]
● Provided the customer with technical support of their virtual zOS environment in the cloud. The customer used
DB2 databases where we were able to install the databases and test connectivity with their existing applications.
Wrote AzCli cloud to deploy resources in their environment along with Terraform and PowerShell.
● Wrote an entire CI/CD pipeline environment using working with their clients to install software that connects to
various cloud service providers. The solution gave the organization the ability to stand up in an environment
with limited user interaction.
● Created Azure Storage Accounts/Virtual Shares, NSGs (Network Security Groups), Azure Sentinel (Microsoft
Security Information and Event Management System or SIEM), Azure Defender, Azure Active Directory
Synchronization, Azure Bastion (Global Filtering Solution), Privileged Identity Management (PIM), IAM
management, Wrote Code using Azure CLI and BashShell scripting.

ITOTS Networks, LLC ● 110 Wenonah Way, Durham, NC 27713 ● tsanders@[Link] ● 240-997-0016 ● P. 4
 ● Implemented Load-Balancers (LBs) for their front-end application, made recommendations to utilize our layered
approach using Zones (Zone n+1), the application has specific Application Programming Interface (API)
connectivity where we segmented the connections/ports for specific online applications. Worked with the
varying groups to bring them up to speed as to how Azure worked (Greenfield environment) and directed
groups regarding issues they had with the RedHat environments. The customer implemented a SAS
environment, they ran into problems with specific disks, we addressed the issue by utilizing boot -diagnostics and
logging into the serial console, the automated deployment process needed to be revamped and the server
configuration for a
● Designed graphs and chart as to how the system is laid out and implemented a test environment where the
group could review the design and cluster configuration - [Link]

Assurance Data, Inc.

Enterprise Cloud/Solutions Architect/Engineer (OPM Cloud Consultant)
Enterprise Datacenter Architect, Alexandria, VA Sep. 2018 – Sept. 2019
● Worked with their clients to install software that connects to various cloud service providers. The solution gave
the organization the ability to create shares from our virtual machines (Windows 2019 servers), we incorporated
this capability into the DR strategy using asynchronous replication across multiple cloud providers over 10Gb
WAN connections (this capability allows for constant updates from MSSQL or MySQL databases and or a regular
files).
● Designed and worked with software solutions to address issues from Assurance Data/PKWare to address
Microsoft APPV Installation and configuration issues (Microsoft’s Application Virtualization Solution).
● Troubleshot the installation of the application in a test environment, the environment included Dell RS servers
with NetApp storage that served 2TB of storage for their test environment. The final design allowed for
virtualized applications to be stood-up in the Milwaukee location (PKWare).
● Failed over the environment using Windows 2016 to 2019 servers (MSCS HA Failover capability). This setup
allowed for failover and failback of the application running on Microsoft Cluster Service (MSCS) configuration to
be used with a fault tolerant design.
● In addition, OPM (Office of Personnel) Management was the second client, the project work involved writing
proposal and Architecting the VMware NSX Design, this would be used for the office multi-datacenter setup (1x
Location in DC, 2x Locations in GA).
● Setup an NSX server environment using an SDLC Enterprise approach; we implemented Link-Local connectivity
between multiple sites (preferred IPv6 which allowed for seamless connectivity of the various ESXi hosts, each
server was setup to run vDistributed switches.
● The three basic servers were the controllers (primary and secondary NSX servers) which consisted of gateways,
firewall, and QoS/ToS, OSPF, DHCP, BGP, VxLAN and network layer management. The NMS system used was
VMware’s Network Insight, a tool that is used to provide oversight into how the environment is performing.
Once the design was submitted to the client (OPM), a review of the setup was done by VMware to ensure the
setup met their stringent guidelines (Assessment, Project Plan, Cost Projections, System Analysis, Personnel
Review/Training and Application Integration). Implemented test environment(s) for the customer’s review,
provided a project plan with the necessary personnel to assist with the rollout and deployment of NSX.
● Made recommendations and provided insight utilizing the Kubernetes/Docker solution, this would give the
application development team a “sandbox” where they could spin up images on the fly using Docker’s
deployment procedures; the images came from [Link]. Added features and capabilities to images
using the
● Implemented the “Dockerfile” process (this process involves creating a file called “Dockerfile”, by adding lines of
code, we can change the characteristics and image execution as a result of installing and configuring elements
suitable for image consumption (part of the “Docker push/pull” process).

San Antonio Water Systems (SAWS)

Enterprise Solutions Architect for the Water Systems Project

ITOTS Networks, LLC ● 110 Wenonah Way, Durham, NC 27713 ● tsanders@[Link] ● 240-997-0016 ● P. 5
Enterprise Solutions Architect, San Antonio TX Feb. 2018 – Sep. 2018
● Reviewed the security posture of the organization and addressed their Cloud deployment with AWS and Azure.
Identified areas of improvement by resolving issues with their application deployment process, setup a
deployment with the application development team to deploy servers using the AWSCLI process .
● Worked with the Azure team to deploy systems using PowerShell (v5.1). Addressed their security concerns by
locking down the “Security Groups – AWS Nomenclature'' and “Network Security Groups – Azure", by reviewing
the subnets and removing the “Any'' statements in areas where the subnet should flow into another subnet or
address range. Worked with the SCCM, Cherwell, FireScope and SQL team to implement a centralized CMDB
structure, worked with the various team to create a centralized view (System-View, basically take tables from
SCCM, merge those tables using inner-join statements along with where clauses, group by, order and having
statements), then map the Column-Names to the fields presented in Cherwell to create a Workstation, Server,
Storage and Network Device database where we could start associating pricing to the various assets).
● Empowered upper-management by allowing the group to make better business decisions from the model we
implemented, the development process allowed the members to interface with the accounting department
using the serial numbers as primary keys, the keys allowed management to track hardware and software
expenditures associated with laptops and an assortment of other technical devices. We spent a few months in
order to get this accomplished where the organization had spent years to develop.
● Created elaborate Visio architectural diagrams for the executive management to review, worked directly with
the CIO and Directors (Application, Network, Security and Sys-Admin) to understand how the existing
Infrastructure was setup (phase 1), the second aspect would be to map the application to the virtual/physical
asset and determine root-cause analysis (phase 2) if any of the components were to fail.
● Trained individuals on an assortment of tools that SAWS provided onsite, some of which included HPE Info-Sight
(HPE Nimble Cloud Analytics System), SolarWinds (Microsoft Asset/Patch Management System), NetBrain
(Network Mapping/Troubleshooting/Engineering Tool), Tenable Security Center (Security Suite), AWS/Azure
Cloud Portals, Confluence (Application Wiki), ExtraHop (Network Flow Analyzer), CA Introscope, Atlassian (Jira –
Project Management System) and Cherwell (Asset Tracking/Reporting and Service Management Application).
● Worked with the purchasing and cost team to perform a cost analysis of Azure’s “Serverless” Cloud platform, we
were able to reduce the cost by $5,000 a month by utilizing API standard as opposed to API premium and we
were able to reduce costs by an additional $2,500 by moving to a shared tenancy environment as opposed to an
“isolated” environment (this proved to be beneficial in the long-run to the cost savings expressed in their POC –
[Link] – environment).
● Mapped out (Visio) the Exchange 2016 server environment along with the Commercial and Project Management
System environment, worked with all of the various groups to determine proper connectivity and dependencies.
Implemented a Docker/Kubernetes environment to be used in their testing environment using Nginx,
MySQL/PostGreSQL, PHP 7+, port assignment, device mapping, Dockerfile, sysctl –w ip_forwarding, IPtables –
firewall filtering using Conntrack (capture specific security anomalies) and used Extrahop and Splunk (SIEM) as
an intercept tool.
● Implemented Extrahop RevealX (cyber security tool), by placing this application on an isolated hardened server,
the traffic was redirected from a core switch to a mirrored port, the traffic was isolated to all traffic to flow to
the solution, this also reduced the end-user’s attack vector while at the same time allowing the organization to
view potential threats and vulnerabilities. And finally, utilized ExtraHop NMS v6.1.2.2052 to create device
groups, graphs, charts, activity maps (PDFs, PNG, VDX), we were able to gather intelligence based on the
number of sessions (MSSQL 1433/tcp or Oracle 1521/tcp, HTTP(s), SMTP 25/tcp, DNS 53/tcp, CIFS, SSH 22/tcp,
RPC, NFS) that connect to various internal and external servers , the version of Extrahop is version v6.1.2.2052.

Assurance Data, Inc., Alexandria, VA

HPE Subject Matter Expert (Blade Server, Storage and Switching Environment)
Cloud, Virtualization, Storage, Security and Networking Engineer July 2017 – Feb. 2018
● Configured their HP Blade System Environment (C7000) along with their network (HPE Virtual Connect and Dell
Switches) along with connecting their existing storage array (Tintri Storage Array).

ITOTS Networks, LLC ● 110 Wenonah Way, Durham, NC 27713 ● tsanders@[Link] ● 240-997-0016 ● P. 6
 ● The engagement involved working and engaging with some of their clients (resolved issues with Cisco switches
and routers, writing Statement of Work for Office of Personnel Management – OPM, and engaging their team to
provide training and cloud expertise).
● Resolved issues with their 1CRM platform, identified the issues they had with the platform, addressed an RPM
issue where the customer was trying to upgrade the existing RPMs for 1CRM upgrade process but identified an
issue with a particular RPM (was able to address the issue within a one hour timeframe, most of the time was
involved with reading application material).
● Resolved issues with Linux systems from Centos 7, Redhat 7, Microsoft Windows 2016 Servers, Microsoft SQL
Server 2012-2016 and VMWare 6.5 U1/ESXI 6.5, currently working with the client upgrade their existing
environment to VMware 6.7 with NSX, vRealize Automation. Upgraded their server Oracle Sun Systems
environment to HPE Blade (C7000) server environment utilizing automated deployment process. The process
involved deploying the image to a thumb-drive (system runs from thumb-drive, copied the thumb-drive image
and deployed to other BL4xxi-BL6xxi servers).
● Provided support to the Blade environment by USB thumb-drive to the HP Blade server to bootup ESXi
(improved processing capability). Connected the storage to the blade chassis by presenting the storage volume
to the ESXI servers, allocated volumes to the various blade servers, installed vSphere Server on a virtual image
(created a cluster using PostgreSQL Clustering Capability) then connected the servers to the vLA Ns to setup on
the Dell 8000 switches.
● Configured Palo-Alto was part of the firewall configuration but that was primarily setup for routing traffic and
DMZ configuration (recommended we utilize another firewall in the mix so offset vendor/mfg. dependency in
case firmware and/or IOS version problems arise).
● Recommended we move to vRealize Automation and NSX for vDistributed Vswitch environment and private
cloud configuration, the customer purchased the licenses for deployment of the three vRealize Automation
Controller environment, along with Firewall, DHCP, QoS, Auto-Deployment, Workflow, vXLAN (Segmentation)
and AD Federated Services user integration).

SRL TotalSource (Cloud Architect/Consultant), Waldorf, MD

Chief Datacenter/Network/Storage/Cloud/Security Architect
Storage, Virtualization, Cloud, Network (Contractor) Dec. 2016 – July 2017
● Configured, implemented and trained various contractors to be well versed using VMware and AWS. Integrated
the Certified RedHat group with the storage and cloud teams to create one unified computing team.
● Worked with an assortment of clients from AWS, IBM Softlayer, VMware vCloud/vRealize, Digital Ocean and
Azure Cloud computing services. Worked with engineering and statistical groups where we created cloud IaaS
environments for projects within the organization. BCC (Bowie Computing Center) was the primary location but
facilitated meetings at the SFC (Suitland, MD) HQ to socialize the cloud computing concept with the various
groups.
● Wrote programs for HHS to import XML data to the new TTA Database (MS SQL 2012 Database), worked with
FM Talent to address the XML issues they had (wrote PowerShell script to import XML data from HHS to the new
system).
● Configured HP EVA 8X00 to HP 3Par Disk Arrays, FreeNAS 9.X NAS tool, Synology, Nexenta Virtual Disk
Management and Solaris 11 NFS exports. In addition, configured a virtual storage environment using FreeNAS
9.X RC1 (Beta Version) which integrated with EMC, 3Par and JBOD storage array environment. Developed
relationships with Actifio (virtualized storage solution that uses IBM SVC to provide deduplication, compression,
replication, backup among other things)
● Implemented and deployed VMware 4.1 – 5.1 ESXi servers and Virtual Center 5.x-6.x (upgraded VSphere VC 5.5
to VSphere 6.5 on AMD x86_64 and Intel x86/x86_64 processors running Windows 2016 Server).
● Setup Virtual Distributed Switches, Orchestrator, Operations Manager, vCloud Director, vApp (ThinApp),
vDiscovery, Solarwinds Virtual Manager and Storage Management for the virtual environment. Implemented
OpenNMS (using PostgreSQL, IPtables, Selinux, Apparmor) where the system monitors systems using IPv6/IPv4
networks from a remote location. Architected and implemented OpenNMS, Operations Manager 10.X, designed

ITOTS Networks, LLC ● 110 Wenonah Way, Durham, NC 27713 ● tsanders@[Link] ● 240-997-0016 ● P. 7
 and configured vFoglight for Virtual and Physical environments. Implemented Hitachi Operations Manager or
Director; worked with Symantec Operations Manager and others.
● Tested Microsoft Hyper-V 2016 (Hyper-V v3) to run on standalone machines, Hyper-V does not seem to work
when it is running on VMware, (extensive testing to ensure deployment does not affect other Virtualized
environments).
● Designed and tested environments using Hadoop and Chef clustering capability on virtual machines to
implement proof of concept (used HP C7000 Blade Servers with HP 3Par storage using SSDs, Brocade VDX
devices and NAND PCIe Flash on storage devices), worked with the various groups from the DevOps side to
address issues relating to Auto-scaling (scaled the applications to work in an elastic environment using tools
from AWS, the tools interfaced directly with the application port, this process ensured the application was
healthy using AWS performance monitoring tools - CloudWatch/CloudTrail) and Auto-Tiering - moving the data
from one level of storage to another to offset cloud disk costs (Performance disks from IBM and Elastic Block
Storage from AWS)
● Implemented 5x IPv6 networks for various locations in the DC, VA, NC and MD areas using tools from [Link],
tunnelbroker (Hurricane Electric – [Link]/64) and [Link] as a tunneling solution to IPv4
networks (prefix ranges [Link]/64, [Link]/56. In addition, setup radvd (DHCPv6 for
Linux), DHCPv6 to integrate with Active Directory and Citrix Xendesktop/VMware Horizon Virtual Desktop
Solutions (Citrix IPv6 - [Link] where the network was based on IPv4 and IPv6
address space (added module for IPv6 using modprobe or depmod).
● Configured and deployed Cisco MDS 9216 (fw: 3.3.4) and Brocade Fibre Channel Switches (all models). Designed
better storage solutions for Citrix and VMware using open-source tools from various service providers.
Configured Cisco 9216 to be clustered in a Virtualized SDV/CFS environment to provide High Availability (HA) at
the fabric level. Zone configuration involved using
● Configured and deployed Cisco Call Manager and UCS for VMware 5.x – 6.x servers (required to use versions 9.1
and higher). Configured Cisco 9216 to be clustered in a virtualized SDV/CFS environment to provide High
Availability (HA) at the fabric level. Zone configuration involves using virtual device alias (conf term | device -alias
database | device-alias name ESX5 PWWN [Link] | do copy run start).
● Installed and configured Linux/Unix servers running various flavors of Linux (Redhat 5.X -6.X, Ubuntu 12.10,
11.10-12.04, OpenSuse 1X.X, Solaris 11 and ClearOs running kernel version 2.6.18-194.8.1v5). Currently there is
a portal setup to give the user the ability to select an approved list of applications using Acronis 2013 Enterprise
edition to deploy custom server images across the cloud to the VMware environment.
● Finalized VMware Operations Manager, vFoglight, VMTurbo, Xengati and Veeam to provide statistical support
on how the environment fairs and what changes we need to take to optimize the environment (infrastructure
optimization).
● Made recommended tunable system changes to various systems to improve performance at the kernel level to
allow for peak/optimal performance. VMware best practices were followed by patching the VMware ESX 5.5-6.5
using VMware Update Manager (plugin), in addition, security scripts were created from this process to improve
our patched and security environment. Security compliance was paramount among known security agencies
where we followed various NIST security standards (NIST 800-53, 800-144 – 800-146, 800-92 - 800-94) ; Dept. of
Treasury, TSA, Constellation Energy, State of Rhode Island, Census Bureau and AO US Court are to name a few.
● Configured Wireless devices DAP-2553 (3 point antennas, upgraded fw: 1.12) using multiple SSIDs to overlap
creating an extended wireless network using WPA/WPA2 Personal and Enterprise (Radius
Authentication/Accounting).
● Configured SIEM Systems for various organizations (SNMP Security and Eastern Avenue, SIEM = Security
Information and Event Management) which involved HP Arcsight, Enterasys SIEM, Solarwinds SIEM and others;
most of which included NIDS, HIDS solutions from Enterasys Netsight Atlas, McAfee EPO, Tripwire Security Suite,
TrendMicro, Security Onion and VMware Endpoint security. Provided leadership by orchestrating schedules with
key-personnel from the building management personnel to office tenants. Tested various wireless networks
using LanRover, Xirrus Wireless Scanner and other COTS products along with configured Wireless Camera
systems from Foscam and Blue Iris Software. Answered a number of questions and tickets using Mantis (web -
ticketing system – [Link] while providing updates to customers within the

ITOTS Networks, LLC ● 110 Wenonah Way, Durham, NC 27713 ● tsanders@[Link] ● 240-997-0016 ● P. 8
 building. Maintained budgets and while keeping schedules in line with the project. Configured various network
monitoring tools (Base – Intrusion Detection System, OpenVas/Nessus, IBM Appscan/Optimization, IPtables,
Selinux, Nmap, Logwatch, and using ClearOS & Ubuntu – Linux Variant) to help with analyzing and identifying
network and security anomalies. Monitored two 25 Mb Comcast circuits that terminated into two demarc points
(designed if disaster occurs so as to not take out the network from ingress and egress points).
● Oversaw cabling and power contractors who were hired to wire various sections of the building. Oversaw all
network connections in the building, connections converged back to the various wiring closets (floor 1-6).
● Implemented an e-ticketing system for ITOTS [Link] and Helpdesk tracking
[Link] (Sendmail, MySQL 7.x, Apache 2.x, IPtables, PHP 4.X/5.X and RHEL 7.x).
Provided VMware products, quotes or support (vCenter, vCloud Director, Endpoint) to various customers some
of which include the State of Rhode Island, SNMP Security, Noraye LLC and APS Security LLC. Implemented three
storage environments ITOTS Networks LLC, one of which involved backup, 2nd involved N etwork Monitoring and
management using IPv6 protocols for state-to-state management, and the final cloud environment was used for
testing of CloudStack and Openstack.
● Designed wireless networks using D-Link, Aruba, Juniper and Cisco APs (Access Points); while managing the
environment using “Unified Access & Secured Remote Access” from Aruba, Google Device Management and
Airwatch for MDM/AP device management. Implemented testing procedures for Openflow v1.X protocols using
HP Procurve 5500, IBM 10-40GB Blade Switches and Cisco switches that support the Openflow v1.3 protocols
(SDN = Software Defined Network). The environment currently consists of Fedora v2x servers running Open
vSwitch, the project is based on sending multiple packets across disparate networks using Openflow vSwitches
to route data IPv4/IPv6 packets (touted that IPv6 is supported using Openflow v1.3) across the backbone to
improve performance and reliability at the server and storage virtualization layers (project: Openflow).

Federal Working Group, Arlington, VA

Census Bureau Cloud Migration Project, Bowie, MD
Enterprise Solutions Architect (Redhat, Virtualization and Cloud) July 2016 – Dec. 2016
● Worked with the Federal Working Group (FWG), IBM and CSRA to put together a proposal to address the needs
of the Census Bureau. The project involved presenting, engineering and diagramming Cloud/Virtualized, Docker
solutions for the Suitland, MD (HQ) location to use. The solution encompassed blade systems, CSRA’s Level I
Fedramp Datacenter, VMware, AWS/Azure and Docker’s container.
● The solution allowed for users to deploy applications to the same servers without conflict, we were able to
isolate the applications like “Nginx”, “MySQL”, “PostGreSQL” and “Apache” in a way where the processes could
be allocated to specific datacenter owners. In addition, we wrapped the security concerns using “IPTables” and
“Fail2ban” (dynamic access control application that thwarts external threats at the application layer) automated
ACL control lists. From a SAN perspective, we recommended using a “Hyper-converged” environment using
“Scale Computing” “Nutanix” and “Simplivity”.

HHS/FMTalent (Project - Remote) Rockville, MD June 2016 – Aug. 2016

● Worked with the HHS/FM-Talent database development team to resolve an issue HHS XML extraction and
import process to an existing database.
● Identified problems with certain XML documents not passing an XML validation test.
● Wrote PowerShell script to download the zip files from an ftp site, extract the file to a designated directory on
developer’s desktop, validate if the files are properly formulated XML documents, listed and counted the
extracted files, opened and inserted each file with the following tags: <hhs> </hhs>. This process ensured the
files met our internal XML validation process.
● Enhanced versions of the application are being ported over to Python using the “import xml, import re, and
import URLLIB to help formulate and correct XML and XML’s schema file types (i.e. xsd).
● Will continue to work with the programming group to ensure the process is streamlined using existing tools
from Linux and Windows environments.

Hewlett Packard, Rockville, MD

ITOTS Networks, LLC ● 110 Wenonah Way, Durham, NC 27713 ● tsanders@[Link] ● 240-997-0016 ● P. 9
Nokia/ Siemens/ Verizon (Project), Irving, TX
HPE Subject Matter Expert (Cloud, Server, and Storage Systems) Dec 2015 – June
2016
● Reviewed client processes and procedures for HP/Nokia/Siemens (NSN) client - Verizon. The project entailed
working with NSN development and support team to address the software integration (HSS, CSCF, etc.) with
HP’s Blade Server C7000 chassis. HP (HP Certified Engineer – Todd) provides support to the various members of
the Verizon and NSN teams ranging from but not limited to error analysis, support incident tracking, training,
active health status reporting, HP best C7000/BL5XX/BL6XX practices and acts as an onsite liaison to HP’s
business/support processes.
● In the process of creating a prototype for measuring failures in the field, a ticket tracking system for this project
called “Open-Source Incident Tracking – SIT”.
● Worked with Nokia to identify and track hardware failures, provide incident reports and review hardware
failures to improve the manufacturing and logistical process.
● Developed NSN’s best business practices and process improvements for implementing HP’s blade server into
Verizon’s existing telecom environment (using HP’s Virtual Connect Flex10D -10G- technology). Numerous
recommendations for the design are as follows:
● Configured SUS (Shared Uplink Set) to work with their existing Cisco & Juniper Switches, setup LACP (Link
Aggregation Control Protocol) to be used with creating a 20GB connection (2x 10G connections to the cisco
switches)
● Took advantage of Openflow v1.3 technology (virtual switch) to send data across disparate switches by using a
virtual switch to manage the traffic
● Implemented NIST 800-53 standards when rolling out software to clients (Gold Image Standard using Redhat 6.X
security standards)
● Redesigned their vLAN set to run from the SUS connection, this allows for vLANs to traverse over the two 10G
connections that lead back to two redundant switches
● Implemented virtualized solutions where VMware or Citrix would be used a virtualized solution where the
physical hardware could be ported over to the virtualized environment, this would reduce application/database
lifecycle when the application is brought to market
● Suggested using Solid State Disks (SSDs) as part of the disk solution setup in Mirrored (Raid 1) state
● Used HP’s Predefined World Wide Name (WWN), Serial Numbers and MAC (Media Access Control) addresses to
reduce the maintenance and security design considerations
● Implemented a hardware failure tracking system for historical analysis of failures to determine the OEM’s MTBF
(Mean Time Before Failure) so the client can make recommendations use another vendor in their manufacturing
process
● Designed private cloud solutions to assist with the application/development approach by replicating the
problems in a controlled environment (improve error analysis process)

AceInfo Solutions, Inc/Census Bureau (Project), Bowie, MD Mar 2015 – Dec 2015
● Lead Infrastructure Engineer/Architect provides strategic insight into the BCC (Bowie Computing Center for the
US Census Bureau) decennial data gathering environment. Current tasks involve facilitated meetings with
numerous clients within the USCB, submitting surveys, performed Cloud consulting for various CSPs (AWS, IBM
Softlayer, VMware Cloud, and MS Azure), reviewed and created intricate cloud diagrams (i.e. network,
application, storage, security, network management solutions).
● Resolved issues with internal client’s use of Cloud services, provided training to the group, reviewed and
updated the organization’s enterprise architecture and IT Strategy plan and roadmap for the organization’s
Cloud computing services. Once strategic goals, processes and procedures are reviewed, surveys will go out to
the various leads of the organization to provide insight into their relative areas of expertise. This survey (excel)
will be compiled into a statistical document (excel or database of choice) to allow for extrapolation of data; this
data will be used to determine cost of equipment and allow for CSvD decision making based on gathered
assessment data. The Enterprise Architecture of choice comes from DoDAF framework which was enhanced by
TOGAF 9.1:

ITOTS Networks, LLC ● 110 Wenonah Way, Durham, NC 27713 ● tsanders@[Link] ● 240-997-0016 ● P. 10
 ● Acted as a SME to address AWS, IBM Softlayer, VMware and MS Azure Cloud computing environments; made
numerous recommendations to use IBM’s SmartCloud Orchestrator, RHEL Cloud Forms, Dell Cloud Manager; in
addition, provided expertise on implementing storage, monitoring, network, security and server enterprise class
environments from IBM HS22 – HS23, IBM Storage Volume Controllers (SVC), Redhat 6-7, Citrix VDI
implementation, data modeling, implementing Enterprise Architectures and providing an over-arching plan to
address process improvement (ITILv3). In the process of creating a matrix where TOGAF 9.1 (Enterprise
Architecture), ITILv3 (Service Architecture) and Census IT Strategic Roadmap are merged with the
● Invoked a Census’s business processes to allow “Boundless Informational Flow” where blocks (i.e. information,
policies) build structures (i.e. infrastructure) to create a delivery model that is repeatable and fluid enough to
allow for agile private and hybrid cloud environments; the tools used to create this paradigm range from
numerous hardware/software vendors (e.g. IBM Cloud Orchestrator, Redhat Cloud-Forms, HP Helion Openstack,
AWS EC2/CIS AMI/S3/ELB/EBS and Eucalyptus)

Armed Forces Services Corporation (Project), Arlington, VA Feb 2014 – Jun 2014
● Forklifted Armed Forces Services Corporation (AFSC) existing network to run their existing 5+ office locations on
JunOS SRX firewalls, the existing network runs on Cisco ASA 5510 firewalls, HP/Dell Switches, the existing design
will be run on Juniper Firewalls (SRX240H2), EX4200-48T/P switches and MAG SSL/IPSec/VPN device to be used
as site to site and end-user tunnel over IPv4 protocols.
● Designed Future plans to address some of the connectivity issues using IPv6, this capability will give the users
the ability to connect directly to the sites without involving an intermediary device (IPv6 with Juniper gives us
the ability to establish Site-to-Site VPN connections IPsec/SSL capability built into the protocol (RFC 2402, 2406,
2407) along with AES256 ESP/AH IPSec VPN IPv6 cryptographic capability. The internal design is based on OSPF
and static routes to allow connectivity from external locations using trust and untrusted zones.
● Created Natted (route private address traffic to the public/Internet by utilizing external facing IP Addresses)
environment to allow internal traffic to traverse zones using Comcast and Covad network connections.
● Identified the IP address range [Link]/16 has been identified as being problematic, resolved the issue by
implementing the 192.168.[10-50].0/24 to be carved out to allow for vLAN design and implemented using VLAN
10, 20, 30, 40, and 50 as the subnet range making the architectural design easier to manage (improved root-
cause analysis and troubleshooting).

Dept. of Treasury/IRS/Criminal Investigation (Project), Alexandria, VA June 2012 – Dec 2013

● Provided installation, configuration and leadership using VMware 4.1, NetApp 3050-6080 Disk Arrays, HP Fibre
Channel Switches, Cisco MDS 9000 Fibre Channel Switches, Cisco ASA Firewalls, Cisco ASC (Tacacs/Radius/Active
Directory/Syslog, etc.) while using Dynamic Ops (DevOps) 4.0 to configure a private cloud computing paradigms
for the Criminal Investigation division of the IRS.
● Setup and maintained Netapp 6X00 and 3X00 model storage arrays for the VMware DoT Virtualization Security
project, this project allowed the Treasury agents to create virtualized environments to analyze Justice
Department data from asset seizure cases.
● Implemented SnapMirror to replicate this data to other sites for DoJ analysis purposes while SnapVault was used
to backup VMs allocated for specific purposes while DoJ data would be sent to other filers for analysis by other
agents (this client/server and agent configuration used Qtrees as a way to sort through the data using different
operating file systems).
● Wrote Powershell scripts to manage the Virtual Hosts, Netapp storage arrays and Windows servers.
● Worked with CI and Booz Allen staff to put together PowerShell scripts for reporting purposes and automated
installation/configuration of the VMware ESXi server 4.1.0 and later design of VMware 5.1.0 was later
implemented as part of phase 2 of the design.

Dept. of Treasury/IRS (Project), Lanham, MD Oct 2010 – June 2012

● Provided leadership on various projects involving storage/backup, classification, network and virtualization
initiatives. Provided the customer (Dept. of Treasury/IRS) with an Architectural roadmap and implementation

ITOTS Networks, LLC ● 110 Wenonah Way, Durham, NC 27713 ● tsanders@[Link] ● 240-997-0016 ● P. 11
 strategy in developing cloud computing process/procedures, virtualization models/strategy while implementing,
Enterprise Storage Resource & Management tools and directing D2D/VTL solutions for the Enterprise.
● Provided BigData solutions to Treasury by suggesting and implementing Greenplumb database and Flash Storage
System solutions using Hadoop (Big-Data Analytics) and Splunk (Security Analysis), the solution would perform
data-mining solutions for disparate storage systems ranging from IBM DS8X00, EMC DMX and HP 3par/EVA
(inventory of existing system included 10PB of raw data in their West Virginia Datacenter facility).
● Reviewed an assortment of storage systems ranging from but not limited to IBM, Hitachi, HP, and EMC disk
arrays to create a centralized replicated storage concept using IBM virtualized storage environment, their
environment expanded from New Carrollton, MD, Memphis and West Virginia.
● Storage, Backup, Process and File services are provided to internal business units using applications from a
tiered method of data classification. Provided solutions to the enterprise ranging from but not limited to and
Enterprise Storage Resource and Management tools, ‘Storage as a Service’, ‘Backup as a Service’, clouding
computing models using chargeback methods (using Radius as the accounting system), Hierarchical Storage
Management (HSM), server security methods and ‘Infrastructure as a Service’ methodologies.
● The primary work involved architecting and designing environments to improve the existing IRS virtualization,
storage and backup environments. Guidelines were implemented and followed from NIST, IRS, FEDRAMP and
FISMA to ensure security and operational awareness.

SRA International, Arlington, VA

Administrative Office of the United States Courts (Washington, DC)
Sr. Redhat Engineer/HP Systems/Network Engineer (Contractor) Oct. 2009 – May 2010
● Installed, configured, designed and maintained datacenter products for the Administrative Office (AO) US Courts
Federal Division. Provided leadership on various projects involving Redhat Server configuration, HP Blade Server,
Storage Systems and Backup design. Other aspects of the project included working with VMware ESX 4.1-5.1 and
Virtual Center, EVA and Hitachi Storage, Network and Systems Integration etc.
● Implemented various projects ranged from Judicial Enterprise Computing Division, Networking systems WAN
Group (Sprint Datacenter located in Reston, VA), Information Management Division (IMD), Judicial Enterprise
Network Information Exchange (JENIE), and Division, Replication and Email Messaging (Lotus Notes) Division and
others.
● Implemented an e-ticket and tracking system for AO US Courts called Mantis (Sendmail, MySQL 5.1, Apache 2.x,
and IPtables, PHP 4.X and RHEL 5.3-5.4). Worked with various groups providing insight into network designs and
layouts to ensure failover, reliability and thorough put from the different projects and courts.
● Worked with teams to configure multipathing regarding the storage environment to ensure storage connectivity
remained intact. Configured, Implemented and trained engineers using network management tools (HP SIM,
Storage Essentials, HP Rapid Deployment (Altiris), OpenManager 8 and OpenNMS).
● Setup and Implemented additional Opensource Network Management tools like Nagios and Zabbix (Network
Management and reporting tool). Implemented HP Storage Essentials (DL380 G5, Oracle 10G with patches,
Windows 2003 Server (locked down) on the third floor lab. Jenie Project included Redhat XEN and KVM along
with JDC, PACTs and other projects in the AO.
● Suggested global deployment of Mantis and Zentrack, implemented to keep track of events, outages and other
identified anomalies (pending AO world-wide implementation of Opensource products from Branch Chief).

Hewlett Packard, Columbia, MD Office 12/05 – 07/09

HPE Certified Enterprise Engineer (Employee)
● Responsibilities included installing, configuring, designing and maintaining datacenter products for federal,
state, local and commercial organizations ranging from the following: Federal Reserve, US Treasury/IRS, Federal
Trade Commission, USDA, Freddie Mac, Unisys Corporation, L3 Communications, US Courts, Computer
Associates, Lafarge Systems, Applied Biosystems/Celera, Northrop Grumman, Lockheed Martin, Solomon Smith
Barney, Perot Systems, Canon, Cyber, Factset, US Army, US Navy and Air Force, Pentagon, e tc.

ITOTS Networks, LLC ● 110 Wenonah Way, Durham, NC 27713 ● tsanders@[Link] ● 240-997-0016 ● P. 12
Harris Corporation, Largo, MD – IT Office (Project) 03/08 – 10/08
Infrastructure Architect (Contractor)
● Responsibilities included developing, designing policy and procedures for Datacenter initiatives proposed by the
Census Bureau (FDCA Project) and the Harris Corporation. Designed, installed and configured prototypes for
various departments for Harris ranging from McAfee EPO Policy Servers (Security), Altiris
Deployment/Notification Servers 6.8-6.9 (Operations), Bluecoat ProxySG 810 and Proxy AV (Security), VERITAS
Netbackup Tape solutions (Operations) and Secure Fusion (Security). Worked with VoIP team to configure Cisco
Call Manager on 6506 Switches using Sup 720 III modules running 12.X IOS version, installed POE 48-port
modules to support the various phone systems (Cisco 79XX phones).
● In addition, proposed transition documents to help facilitate the move from Largo, MD to the Sprint Datacenter
located in Reston, VA.
● Key areas of business involved architectural design to network, operations, security and SAN Storage
implementation and management. 1301 McCormick Blvd, Largo, MD, Sprint Datacenter in Reston, VA and
Census Bureau Datacenter located in Bowie, MD were a few locations that hosted Datacenter Processing Center
(DPC) environments.

Constellation Energy Group, Baltimore, MD – IT Office (Project/Contractor) 10/07 – 01/08

● Responsibilities included developing and designing policy and procedures for Datacenter initiatives proposed by
the architect team.
● Installed, configured and designed VMware models using ESX 3.5 server and Virtual Center 2.5. Configured
storage requirements for the site using Netapp filers 3000 – 6000 models.
● Redesigned Blade servers and RDP (Rapid Deployment), Systems Insight Manager, along with IDS tools from
Snort (SourceFire and Base) to identify anomalies in the test environment.
● TACACS/Radius authentication tools, Webmin Management tools, AD implementation and testing were used to
simulate their production environment. Worked with Risk Management, security and corporate executive team
to resolve DMZ project issues using customized scripts to resolve security issues with Windows servers.
● In addition, customized Sun shell scripts to resolve security issues on Solaris and Linux machines. Provided
reports on current infrastructure design, proposed cost analysis involving disaster recovery (DR) projects,
attended numerous meetings with various vendors ranging from HP, Netapps, Sun Microsystems, Microsoft,
Opsware, Data Domain, Texas Systems, EMC, etc.

Unisys Corporation, Reston, VA 01/06 –

07/07
Lead Network Engineer IV (Contractor)
● Worked at the same time during my employment at Hewlett Packard as a Unisys contractor. Responsibilities
included configuring, designing and maintaining datacenters for the Transportation Security Administration
(TSA) and Census Bureau hosting sites. Worked as a consultant where my primary responsibilities entailed
configuring/maintaining all device types from Cisco Systems, Microsoft, Redhat, Solaris, Arcsight and Dell’s
product lines. Worked with the Call management team to install and configure call systems using the Windows
version of Cisco Call Manager 7X.

Centrepetal Solutions, LLP, New Carrollton, MD 04/2002 – 10/2008

Chief Network Architect (Owner)
● Responsibilities included designing and reconfiguring datacenters for numerous organizations of which included
the Nuclear Regulatory Commission (Ashburn, VA), the International Broadcasting Bureau/Voice of America
(Washington, DC), the Center for Medicare and Medicaid (Baltimore, MD), the United States Army Reserve
(Atlanta/Peachtree City) and United States Army (Fort Rucker, AL), Unisys Corporation and the DoD PIMS
(Partnership for Peace Information Management System), the Dept. of Navy (Washington DC), Centrepetal
Solution Strategies (Bowie, MD/Baltimore, MD/Atlanta, GA), Trinidad Energy Department - Petrotrin Energy
Company (Trinidad and Tobago), EzeClinic Medical Practice (Jackson, TN) and DC Government Unified
Communications Center (UCC).

ITOTS Networks, LLC ● 110 Wenonah Way, Durham, NC 27713 ● tsanders@[Link] ● 240-997-0016 ● P. 13
 ● Wrote proposals for numerous federal, state and local institutions such as Georgia Technology Authority Dell
Management Project, Orange County Transit Authority, North Carolina State University Security Project, Fulton
County Information TechnologyDepartment (Atlanta, GA), Department of Interior and numerous agencies.
● Configured routers and switches with security in mind to include the following: used DITSCAP (DoD Information
Technology Security Certification and Accreditation Process) models, configured v -LANs with IPsec tunnels, used
NSA router/switch configuration models, DITSCAP firewalls configuration (PIX, Checkpoint, and Linux -iptables-
firewalls, etc.), IDS sensors (snort, Cisco, Linux, NetBSD, AIX, etc.), Load balancers (Big IP - F5 Networks,
Radware, Nortel etc), Network Management (Snmpc, HP Openview, Ismart, Cisco works and Whatsup Gold),
redesigned ATM/OSPF network for the US Army reserve with OSPF/ATM/Sprint/MPLS redesign in mind. Made
recommendations in areas of policy change that could affect areas of performance and security by laying out
Visio diagrams and citing sections of US Army security compliance
● Redesigned US Army Reserve network operations at Peachtree city project as it pertains to MPLS redesign.
Created project reports and analysis on Microsoft Project 200X while projects ranged in value from 1 million to
200 million. Performed network assessment and redesign of Unix/Cisco systems for Unisys Corporation in
Chantilly, VA.
● Installed, configured and maintained office Cisco Call Management system for the office 6X -7.X versions of Call
Manager and UCS using CiscoWorks to manage the environment. Installed and configured Microsoft Project
Server at various sites to help identify issues with the State and Local government projects. Trained individuals
using Microsoft Project and the collaboration features similar to Lotus Notes. Configured SAN and Network
Appliances such as Tigi-SAN or HP/Compaq Beowulf Storage Devices using Qlogic switches and Qlogic HBA cards.
Designed and Installed multi-million dollar datacenter equipment for various military installations with best
practices in mind.
● Provided storage solutions for various vendors ranging from TigiCorp, Qlogic, and HP/Compaq San Solutions.
Worked with Unisys representatives on the configuration of ES7000 Servers with multiple partition
configurations in mind (used VMWARE to allow for multiple operating systems to work in accord with business
requirements).
● Worked with EMC, Computer Associates, Anteon, Blue-Parrot, and others in joint ventures on project contracts.
● Performed SDR (Systems Design Review) involving network architecture review and design. Provided network
diagrams and methodologies for planning primary and COOP (Continuance Operations) for various clients.
Performed threat analysis at the various sites using an assortment of tools such as NetRat, Languard, ISS, Web -
Trends, ACID, PhP, Proprietary Web-Tools, Nessus (with approval from staff, some tools were not allowed by
some government installations), Nmap (Windows, Linux & NetBSD), and Snort-2.X. Used Ethereal for analysis of
snort files which helped to identify possible scanning threats at the packet level. Wrote scripts to modify and
secure Windows and UNIX machines from a login script called [Link].
● This script used a Kix32 engine to scan the various commands for vulnerabilities and malicious code. In turn, the
script would identify signatures based on Cert and IANA, Tech-Target and Network/Systems Management and
remove them from the user's desktop without detection. Advised and configured filtering software (Trend,
Norton and McAfee). Configured Radius/Tacacs to work with AS5x00 – 7500 Cisco Routers for authentication
using Windows authorized users.
● Finally, designed wireless environments using 802.1x (Radius authentication, MAC address filter, and AES
encryption), NAT, and VPN elements for Jones & Associates located in Washington, DC.

DOD, Bureau of Medicine and Surgery (BUMED - Navy) Washington, DC 04/2000 – 06/2003
Lead Network Engineer (Contractor)
● Consulted with Northrop Grumman and the Dept of Navy (Bureau of Medicine and Surgery) to provide expertise
in the areas of computing where we were directly involved with the Conus network migration and
implementation project. Provided support to EDS as the lead engineer for the NMCI multi-billion dollar
government contract award. The contract vehicle required us to maintain and monitor Windows NT 4.0, 2000-
2003, Linux 7.x-9.x, and HP-UX v10-11x, Solaris 2.x version of servers.
● In addition, reconfigured Cisco Routers (2500 - 7500) and Cisco Switches (5000 - 6500).

ITOTS Networks, LLC ● 110 Wenonah Way, Durham, NC 27713 ● tsanders@[Link] ● 240-997-0016 ● P. 14
 ● Configured Dell 2550-6650 servers, Compaq ProLiant 3000-DL330 Servers, HP, Intergraph and Micron Servers.
Replaced microprocessors on various machines to decrease CPU utilization, added additional fiber arrays to
increase disk resources, and configured HBAs for improved throughput to Brocade and Q-logic switches.
Performed C2 and M2 certification on the servers in the computer rooms and throughout the organization.
Wrote and made modifications to computing and network policies involving military personnel and the effects it
may have on their existing environment.
● Resolved security issues with SQL and Oracle databases running on NT systems. Monitored and maintained
Microsoft SQL 6.5-7.0 versions. Removed malicious code (viruses) by completing scheduled batch files and login
scripts to resolve problems on the network. Completed VPN software project for the new Vice Admiral
(Executive Assistant to the Defense Secretary).
● Designed and performed security analysis using Retina, Stat, Languard, ISS, Web-Trends, and others software
(analysis of security issues on Windows 2000 NT systems). Updated all the security patches for the servers,
wrote network authentication scripts for the users who logged into the system. Removed active-x and java
applets using Kix32 and Perl scripts from remote connected computers (for example: OCX), removed open files.
Worked with Pentagon staff to ensure connectivity using Cisco's 6509 Apex switch and 7507 Router.
● Configured Microsoft Exchange servers to run with new PKI certificates on the various boxes and configured the
new exchange server (project: E-med) with the X.400 protocol. Configured and installed Microsoft Project
Server, version 2000, at the site for project file sharing across the disparate LAN’s for the military.
● Configured Microsoft Project to interact with SQL server and Microsoft Exchange collaboration and replication
features.
● Installed Radius and AS5X00 solution for remote access using dialup as method of connection (VPN
concentrators were not allowed due to security risks associated with Pentagon staff). Revamped the Enterprise
Exchange Email solution for Bumed while working in conjunction with Microsoft on future goals of the
organization.
● Configured Sendmail application on different variants of UNIX servers which were used exclusively as MTA’s.
● Configured the Sendmail server to filter traffic, validate resolvable domains, verify valid domains, retrieve mail
and access statistics, while reporting to higher ups as it pertains to system status. Monitored numerous
elements of server activity using Net-IQ, Whatsup, Syslog, Languard, ISS Security Scanners, NetRat, Cisco 2000
Works, HP Openview, and SNMP3 applications and Windows Performance Monitors.
● Revamped the clustering solution from a file and print server standpoint. The solution provided the client with
dynamic mapping and sharing of file shares through a clustered graphical interface.
● Supervised the installation and configuration of Norton, McAfee, and Trend Micro on production servers and
desktops.
● Consulted with the Director of IT and BUMED Department Head on Compaq SAN solutions. Configured LDAP
solutions for the hill and users throughout the organization.
● Created Linux servers for testing purposes for secure ftp computing. Provided consulting services for the
communications staff on implementing security standards for their encrypted communication projects.
Configured Xerox Scanware software to work with the exchange server in the Department of Navy's document
flow project.

Education:
● Master's Degree in IT/Security - Capitol Technology University (2003)
● Bachelor’s of Arts - Communications (Speech and Technology)
● Wake Forest University Varsity Men’s Basketball Team Division 1

Professional Development Certifications:

● Python and Ansible Programming Certification (2022)
● IPv6 Enterprise Deployment Certification (2021)
● VMware 6 - 7 - VSP, VTSP, US Government Certification (2016)
● VMware/AWS Cloud Certification (Cloud Cert/Deployment) (2016)
● Microsoft Azure Architect/Engineering

ITOTS Networks, LLC ● 110 Wenonah Way, Durham, NC 27713 ● tsanders@[Link] ● 240-997-0016 ● P. 15
 ● NetGear Enterprise Network Certification (2015)
● ExtremeNetworks Certified Engineer (Certified) (2013)
● Citrix Virtualization Engineer - Certified (2013)
● HPE Storage, Network and Blade Server Architect/SME (2009)
● Juniper Switch Certified Engineer (2015)
● Fortinet Certified Engineer - NSE 1 - 2 (Certified Cybersecurity Engineer) (2023)
● HPE Storage and SAN Engineer Certified (2009)
● EMC Smarts Certification (2004)
● Microsoft Azure Certification - Pending

ITOTS Networks, LLC ● 110 Wenonah Way, Durham, NC 27713 ● tsanders@[Link] ● 240-997-0016 ● P. 16